
CVE-2020-7776:
Cross-site scripting in phpoffice/phpspreadsheet

CVSS Score: 6.4

Basic Information

EPSS Score: -
Published: 5/6/2021
Updated: 3/6/2025
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Package Name              Ecosystem  Vulnerable Versions  First Patched Version
phpoffice/phpspreadsheet  composer   < 1.16.0             1.16.0
phpoffice/phpexcel        composer   <= 1.8.2             -

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stemmed from how cell comments were handled during HTML output generation. Commit 0ed5b800be2136bcb8fa9c1bdf59abc957a98845 shows that the fix consisted of applying HTML escaping (htmlspecialchars) to the comment text in writeCommentTag. Before this fix, the function wrote user-supplied comment text into the generated HTML without sanitization, so a comment containing script markup was rendered as live markup rather than as text, which is the XSS. The affected code path is the HTML writer's comment-handling logic.
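As an added illustration that is not PhpSpreadsheet's own code, the following stand-in for the comment-rendering step shows the two behaviours side by side: the vulnerable form concatenates the comment's plain text straight into the markup, and the fixed form escapes it with htmlspecialchars before concatenation, as the referenced commit does. The function names, the review check and the sample comment are constructed for this example.

```php
<?php
// Constructed stand-in for the HTML writer's comment-tag step; not the library's code.
// Vulnerable form, mirroring the pre-1.16.0 behaviour described above:
// the comment's plain text is placed into the markup unchanged.
function writeCommentTagVulnerable(string $comment): string
{
    return '<a class="comment-indicator"></a>'
        . '<div class="comment">' . nl2br($comment) . '</div>' . PHP_EOL;
}

// Fixed form: escape the untrusted text before it becomes part of the HTML.
// ENT_QUOTES also escapes single quotes, so the result is safe in attribute
// values as well as element content; UTF-8 matches the writer's output encoding.
function writeCommentTagFixed(string $comment): string
{
    $safe = htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<a class="comment-indicator"></a>'
        . '<div class="comment">' . nl2br($safe) . '</div>' . PHP_EOL;
}

// Constructed review check: does any raw tag survive inside the rendered comment div?
// Only the <br /> elements inserted by nl2br are expected there.
function commentMarkupIsEscaped(string $html): bool
{
    if (!preg_match('~<div class="comment">(.*?)</div>~s', $html, $m)) {
        return false; // no comment div found at all
    }
    $body = str_replace('<br />', '', $m[1]);
    return strpos($body, '<') === false && strpos($body, '>') === false;
}

// Constructed sample: a cell comment carrying script markup, as the CVE describes.
$untrustedComment = "Quarterly note\n<script>alert(document.domain)</script>";

$vulnerable = writeCommentTagVulnerable($untrustedComment);
$fixed      = writeCommentTagFixed($untrustedComment);

// The vulnerable rendering fails the check; the fixed rendering passes it.
var_dump(commentMarkupIsEscaped($vulnerable));
var_dump(commentMarkupIsEscaped($fixed));
```

The same check can be pointed at the output of the real writer (the comment div emitted for a cell that carries a comment) to confirm which behaviour an installed version exhibits.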


WAF Protection Rules

WAF Rule

This affects the package phpoffice/phpspreadsheet. The library is vulnerable to XSS when creating an html output from an excel file by adding a comment on any cell. The root cause of this issue is within the HTML writer where user comments are concat
